FBI experts are seeking the help of the public to make sense of two encrypted notes found on a murder victim that have stumped detectives for years.
Ricky McCormick, 41, was found dead in a field in St Louis, Missouri, back in June 1999. Two encrypted notes found in his pockets have defied the best efforts of detectives and FBI …

That's exactly why they want to know how it works

Who?

I don't feel so bad now.

If they can't crack a 12 year old crypto, they have no chance of scratching modern day techniques?

But this raises another issue:

If Security By Obscurity is viewed as possibly insecure, and open algorithms are considered secure, but since they're well documented, it becomes viable to brute-force it in reasonable time via either distributed computing or dedicated hardware...

Then this kinda breaks that belief doesn't it?

Your code doesn't *have* to be secure, as long as no-one knows about it, it becomes inherently secure. It's as if there is no-one left who can crack an undocumented code, so it can't be cracked at all.

security by obscurity (SBO) better for an individual than a general cipher

Here is a code which captures the thoughts of a single individual for their own purposes, which seems unlikely to be usable as a general purpose cipher (GPC). The fact of insufficient obscurity with GPCs by definition, typically due to the kind of progressive leakage of secrets which is inevitable with a GPC, doesn't prevent SBO applying to an individual thought encoding system which an individual has developed and optimised for their own purposes since childhood.

The problem cryptanalysts will have is that there is probably no way of knowing at what level (words, ideas, concepts, characters, messages etc.) the symbols in his cipher refer to. So without the right lateral thinking idea it is difficult to see how and where they are going to start. Many interested eyeballs seem more likely to come up with a solution which depends initially upon a lateral thinking idea beyond the apparent capacity of the cryptanalysts who have worked on this so far.

re I don't feel so bad now

Not really, the only reason these notes are difficult to decode is that they aren't very long and we have no idea what they contain.

If there was a lot more of this code available and you had a rough idea what even a tiny amount of it contained cracking it would be simple (probably).

So a unique coding system like this is going to be pretty good for paper notes you keep in your pocket and destroy after you're finished with them but not much good for keeping records (since you can make a good guess at the contents of some records) or keeping large amounts of data (as that would give more information about the code being used).

I'd be interested in knowing how well modern code breakers would fair at working out what Egyptian hieroglyphics mean without the Rosetta Stone. Seems like a similar problem but with a lot more text available.

@John Tserkezis

> Your code doesn't *have* to be secure, as long as no-one knows about it, it becomes inherently secure.

There are a lot of really bad crypto algorithms that are really easy to re-invent. E.g. some muppets recently used "a system which used Excel transposition tables, which they had invented themselves. But the underlying code system [...] had been used and described by Julius Caesar in 55BC." See http://www.theregister.co.uk/2011/03/22/ba_jihadist_trial_sentencing/

Good encryption algorithms give you a guarantee "if you use this well-known algorithm, and keep the key secret, then it requires this much effort to break". Obviously, you pick an algorithm where the effort to break is more than your adversaries can afford in the timescales you care about.

If you invent something yourself, you can't guarantee it's strong. It's easy to invent something that you can't crack yourself, that then gets broken in minutes by an expert. Of course, you _might_ be lucky and invent something hard-to-crack, but you probably won't.

In this case, it probably helps that the FBI only have a small amount of ciphertext - that makes it much harder for them to crack the code. If they had access to a crib (i.e. one note in both encrypted and unencrypted forms) I suspect they'd break the entire cipher very quickly.

The problem with "security through obscurity":

In cryptography you're generally enciphering/deciphering something in a known human, or computer, language -- so even using an obscure cypher if you're not careful there's a pattern.

If you use an unknown (or effectively unknown) language then encipher the text could become virtually uncrackable -- but you would then have to teach anyone you communicated with that language and learn and remember it yourself as well as having to deal with situations where the language didn't cover what you were trying to say, like new technology.

In fact, I suspect that this guy was doling something akin to how I used to take notes for my A-Levels -- I'd scribble so badly that the only way I could read the notes was because I virtually remembered them anyhow and just needed prompts. Just writing, for example, the letter[s] of a word you find most significant may be enough for you to recall something, but would be hard for someone else to work out. I mean, would you know what NASA, UTC or PCMCIA stood for if you had never seen them expanded? Looking at this I remembered I can never recall "Carrier sense multiple access with collision detection" without seeing its initials.

There's an even older and more interesting (from the money point of view)

unsolved code problem out there. Involves some gold from the confederates during the civil war. They even believe the key to the code is the US constitution. Allegedly a group of soldiers were tasked with transporting the gold and were being harried by the north. So they buried the gold then wrote out the manifest and the location in and encrypted form. For the manifest they used numbers to indicate how many letters to count from the last letter used to get to the next. But no one has ever cracked the map algorithm.

Read about that one ages ago in a C-64 computing magazine. The article provided a code substitution program you were supposed to type in and then use to crack the code.

The problem is...

they've been waiting for new cypher-text for 12 years.

Seriously, it would be easier to break if it was still being used to encrypt stuff. However, I think your plan of "ask someone to create a new algorithm and encrypt a message in it, then kill them before they've told anyone, including you, what the algorithm is" has a few problems before it can be widely adopted.

Both

No just a high quality scan.

if you have a transcript the transcript makes assumptions that you will also tend to follow even if you are looking at the scan. Of course he he transposed something during the encryption process, you're pretty much screwed anyway.

Re:Hmmmm

The bit that stood out to me was the string NCBE.

It crops up _a lot_. Was trying to think what you might use that much, and in general text all i could think of was punctuation. Could it be a period? Especially as it does follow numbers in some cases.

Just a guess though, haven't a hope in hell of cracking it but if I find some time spare I might have a better look just for the sake of it!

How did he die?

trivial

using my trusty bull cypher I can see it starts

"Everyone loves a good conspiracy theory, and this one will really give the faithful some kicks..." bahh blahh "Kennedy" blahh blahh "Roswell", and closes with "Assange call me if you want you insurance to be secure"

a mixture of "letters, numbers, dashes, and parentheses"

It must be a simple one

Judging by his handwriting, he didnt have another bit of paper to work the cipher out with. He just wrote it out from his head.

This means he either had a substitution table in his head, or another language he 'invented' or some other form of easy encryption.

They said he has been doing this since school. I wonder what school boy encryptions there were at the time he could have modified?

Could be a variation on the tic tac toe board kiddy thing or something? Write the alphabet out one way, mix the boards up. A-Z again to get a substitution matrix which you remember for 40 years, then + 13 on any letter when it comes to writing it out.

You have to bear in mind...

That the man was no genius, and that he had to decrypt them on the fly, as he read them, so it is unlikely to be some brilliant method of encryption. I agree with SoupDragon, it looks like it is to do with the way it is read, rather than some clever code.

The one marked P1 looks like directions to me but I don't think we'll ever know.

TMBTA - BICBW AAMOF

I wonder if the key is that the groups of letters are acronyms for phrases that the bloke knew well? Connor's probably right - if the chap wasn't an egghead it would have to be something he could remember easily.

Looking at P1, if they are directions, TFRNEN'9 could mean something like Take First Right North Exit N9, where N9 is a road number.